<?php
header("Content-type:text/html; charset=utf-8;");
require '../../../ppf/fun.php';
require '../../../ppf/pdo_mysql.php';
require '../../../ppf/Filter.php';

// Database wrapper and input filter; both classes are presumably declared in
// the ppf files required at the top of this script.
$pd = new pdo_mysql();
$filter = new Filter();
session_start();

// Only signed-in sessions may reach the save handler; everyone else is sent
// to the shared tips page with a "please log in first" message.
if (empty($_SESSION['uid'])) {
    // NOTE(review): the message travels as a serialize()d array in the query
    // string. If tips.php passes the "gets" parameter to unserialize(), any
    // visitor can supply arbitrary serialized data there (PHP object
    // injection) — confirm, and prefer json_encode()/json_decode() or a fixed
    // message key on both sides.
    $notice = urlencode(serialize(array(
        'tips' => '请登录后再进行操作',
        'url'  => 'index.php',
    )));
    header('Location:../tips.php?gets=' . $notice);
    exit;
}

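// Save handler for sys_member: creates a member when the posted "id" is empty,
// otherwise updates the member with that id. Replies with the plain text "ok"
// on success or a short failure message.
//
// NOTE(review): nothing in this handler checks that the caller may edit the
// target member or assign 'role' / 'state', and no anti-CSRF token is
// verified here. Confirm both are enforced elsewhere, or add them before the
// database calls below.

// Only form posts are accepted.
if (!isset($_SERVER["REQUEST_METHOD"]) || $_SERVER["REQUEST_METHOD"] !== 'POST') {
    echo "不允许的表单提交方式，请按正常流程提交表单。";
    exit;
}

// Read one POST field as a string. Missing keys and array-valued fields
// (e.g. "id[]=x") become '' so they neither raise undefined-index warnings
// nor reach the filters as a non-string.
$postField = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};
// Free-text field, passed through the project's string filter.
$text = function ($key) use ($postField) {
    return Filter::safe_string($postField($key));
};
// Numeric field: empty input ('', '0', missing) is stored as 0.
$number = function ($key) use ($postField) {
    $raw = $postField($key);
    return empty($raw) ? 0 : Filter::filter_number($raw);
};

$now = date('Y-m-d H:i:s');
$id = $text('id');
$username = $text('username');
$pmd5 = $text('pmd5');

// Columns written on both insert and update, in the table's column order.
$profile = array(
    'nick'             => $text('nick'),
    'truename'         => $text('truename'),
    'used_name'        => $text('used_name'),
    'ename'            => $text('ename'),
    'sex'              => $number('sex'),
    'idnumber'         => $text('idnumber'),
    'worknum'          => $text('worknum'),
    'nation'           => $number('nation'),
    'political_status' => $number('political_status'),
    'birthday'         => $text('birthday'),
    'areaid'           => $number('areaid'),
    'addr'             => $text('addr'),
    'email'            => $text('email'),
    'qq'               => $text('qq'),
    'mobile'           => $text('mobile'),
    'tel'              => $text('tel'),
    'idtype'           => $number('idtype'),
    'department'       => $number('department'),
    'duty'             => $number('duty'),
    'dutytitle'        => $number('dutytitle'),
    'role'             => $number('role'),
    'school'           => $number('school'),
    'hobbies'          => $text('hobbies'),
    'state'            => $number('state'),
);

if (empty($id)) {
    // New member. Username and password are only written on insert.
    //
    // NOTE(review): 'a'.time() has one-second resolution, so two inserts in
    // the same second produce the same id; it is also predictable.
    // NOTE(review): the password is stored as an unsalted MD5 of the
    // *filtered* input. MD5 is far too fast for password storage; plan a
    // migration to password_hash()/password_verify(), changed together with
    // the login code that reads this column. An empty username or password
    // is also accepted here — confirm that is intended.
    $in_data = array(
        'id'       => 'a' . time(),
        'username' => $username,
        'pmd5'     => md5($pmd5),
    ) + $profile + array(
        'lvl'        => 0,
        'credit'     => 0,
        'integral'   => 0,
        'gold'       => 0,
        'cash'       => 0,
        'ischeck'    => 0,
        'inserttime' => $now,
    );
    $result = $pd->insert(array('data' => $in_data, 'table' => 'sys_member'));
} else {
    // Existing member: profile columns plus the modification timestamp.
    //
    // NOTE(review): the WHERE clause is built by string concatenation, so its
    // safety rests entirely on what Filter::safe_string() does to the posted
    // id. If the pdo_mysql wrapper supports bound parameters, use them here.
    $u_data = $profile + array('updatetime' => $now);
    $result = $pd->update(array(
        'data'  => $u_data,
        'table' => 'sys_member',
        'where' => "id='" . $id . "'",
    ));
}

// An empty result from the wrapper is reported as a failure.
echo empty($result) ? "更新失败!" : "ok";
exit;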
?>